Latest Verified & Correct GIAC GCCC Questions & Answers Daily Updated
NEW QUESTION # 42
Implementing which of the following will decrease spoofed e-mail messages?
- A. Sender Policy Framework
- B. Internet Message Access Protocol
- C. Network Address Translation
- D. Finger Protocol
Answer: A
NEW QUESTION # 43
Which CIS Control includes storing system images on a hardened server, scanning production systems for out-of-date software, and using file integrity assessment tools like tripwire?
- A. Continuous Vulnerability Management
- B. Inventory of Authorized and Unauthorized Software
- C. Secure Configurations for Network Devices such as Firewalls, Routers and Switches
- D. Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
Answer: D
NEW QUESTION # 44
Which of the following actions will assist an organization specifically with implementing web application software security?
- A. Making sure that all hosts are patched during regularly scheduled maintenance
- B. Having a plan to scan vulnerabilities of an application prior to deployment
- C. Providing end-user security training to both internal staff and vendors
- D. Establishing network activity baselines among public-facing servers
Answer: B
NEW QUESTION # 45
Which project enumerates or maps security issues to CVE?
- A. SCAP
- B. CIS Controls
- C. NIST
- D. ISO 2700
Answer: A
NEW QUESTION # 46
As part of a scheduled network discovery scan, what function should the automated scanning tool perform?
- A. Alert the incident response team on ports and services added since the last scan
- B. Automatically close ports and services not included in the current baseline
- C. Uninstall listening services that have not been used since the last scheduled scan
- D. Compare discovered ports and services to a known baseline to report deviations
Answer: D
NEW QUESTION # 47
Why is it important to enable event log storage on a system immediately after it is installed?
- A. To create the ability to separate abnormal behavior from normal behavior during an incident
- B. To identify rootkits included on the system out of the box
- C. To compare its performance with other systems already on the network
- D. To allow the system to be restored to a known good state if it is compromised
Answer: A
NEW QUESTION # 48
Acme Corporation is doing a core evaluation of its centralized logging capabilities. Which of the following scenarios indicates a failure in more than one CIS Control?
- A. The loghost is missing logs from 3 servers in the inventory
- B. The loghost is receiving out-of-sync logs from undocumented servers
- C. The loghost time is out-of-sync with an external host
- D. The loghost is receiving logs from hosts with different timezone values
Answer: B
NEW QUESTION # 49
Which type of scan is best able to determine if user workstations are missing any important patches?
- A. A vulnerability scan using valid credentials
- B. A web application/database scan
- C. A source code scan
- D. A network vulnerability scan using aggressive scanning
- E. A port scan using banner grabbing
Answer: A
NEW QUESTION # 50
During a security audit, which test should result in a source packet failing to reach its intended destination?
- A. A new connection request from the Internet is sent to the company's DNS server
- B. A new connection request from the Internet is sent to a host on the company's internal network
- C. A packet originating from the company's DMZ is sent to a host on the company's internal network
- D. A packet originating from the company's internal network is sent to the company's DNS server
Answer: B
NEW QUESTION # 51
Which of the following actions produced the output seen below?
- A. An access rule was removed from firewallrules.txt
- B. An access rule was added to firewallrules2.txt
- C. An access rule was added to firewallrules.txt
- D. An access rule was removed from firewallrules2.txt
Answer: B
NEW QUESTION # 52
A need has been identified to organize and control access to different classifications of information stored on a fileserver. Which of the following approaches will meet this need?
- A. Divide the documents into confidential, internal, and public folders, and set permissions on each folder
- B. Divide the documents by department and set permissions on each departmental folder
- C. Set user roles by job or position, and create permission by role for each file
- D. Organize files according to the user that created them and allow the user to determine permissions
Answer: A
NEW QUESTION # 53
Which of the following best describes the CIS Controls?
- A. Technical, administrative, and policy controls based on current regulations and security best practices
- B. Technical, administrative, and policy controls based on research provided by the SANS Institute
- C. Technical controls designed to augment the NIST 800 series
- D. Technical controls designed to provide protection from the most damaging attacks based on current threat data
Answer: D
NEW QUESTION # 54
Which of the following can be enabled on a Linux-based system in order to make it more difficult for an attacker to execute malicious code after launching a buffer overflow attack?
- A. Tripwire
- B. Iptables
- C. SUID
- D. ASLR
- E. TCP Wrappers
Answer: D
NEW QUESTION # 55
What is an organization's goal in deploying a policy to encrypt all mobile devices?
- A. Providing their employees a secure method of connecting to the corporate network
- B. Controlling unauthorized access to sensitive information
- C. Enabling best practices for the protection of their software licenses
- D. Applying the principle of defense in depth to their mobile devices
Answer: B
NEW QUESTION # 56
What is the relationship between a service and its associated port?
- A. A service sets limits on the volume of traffic sent through the port
- B. A service relies on the port to select the protocol
- C. A service opens the port and listens for network traffic
- D. A service closes a port after a period of inactivity
Answer: C
NEW QUESTION # 57
An organization has implemented a policy to continually detect and remove malware from its network. Which of the following is a detective control needed for this?
- A. Host-based firewall sends alerts when packets are sent to a closed port
- B. Network Intrusion Prevention sends alerts when RST packets are received
- C. Host-based anti-virus sends alerts to a central security console
- D. Network Intrusion Detection devices send alerts when signatures are updated
Answer: C
NEW QUESTION # 58
How does an organization's hardware inventory support the control for secure configurations?
- A. It provides a list of unauthorized devices on the network
- B. It provides the MAC addresses for insecure network adapters
- C. It identifies the life cycle of manufacturer support for hardware devices
- D. It provides a list of managed devices that should be secured
Answer: D
NEW QUESTION # 59
Which of the following is a requirement in order to implement the principle of least privilege?
- A. Discretionary Access Control (DAC)
- B. Data normalization
- C. Mandatory Access Control (MAC)
- D. Data classification
Answer: D
NEW QUESTION # 60
After installing a software package on several workstations, an administrator discovered the software opened network port TCP 23456 on each workstation. The port is part of a software management function that is not needed on corporate workstations. Which actions would best protect the computers with the software package installed?
- A. Redirect traffic to and from the software management port to a non-default port
- B. Document the port number and request approval from a change control group
- C. Determine which service controls the software management function and opens the port, and disable it
- D. Block TCP 23456 at the network perimeter firewall
Answer: C
NEW QUESTION # 61
Scan 1 was taken on Monday. Scan 2 was taken of the same network on Wednesday. Which of the following findings is accurate based on the information contained in the scans?
- A. The host with MAC Address D8:50:E6:9F:EE:60 is no longer on the network
- B. The host located at 192.168.177.21 is a new host on the network
- C. The host located at 192.168.177.7 is no longer on the network
- D. The host with MAC Address D8:50:E6:9F:EE:60 had an IP address change
Answer: D
NEW QUESTION # 62
How can the results of automated network configuration scans be used to improve the security of the network?
- A. Scanners can correct network configuration issues
- B. Results can be included in audit evidence failures
- C. Results can be provided to network engineers as actionable feedback
- D. Reports can be sent to the CIO for performance benchmarks
Answer: C
NEW QUESTION # 63
John is a network administrator at Northeast High School. Faculty have been complaining that although they can detect and authenticate to the faculty wireless network, they are unable to connect. While troubleshooting, John discovers that the wireless network server is out of DHCP addresses due to a large number of unauthorized student devices connecting to the network. Which course of action would be an effective temporary stopgap to secure the network until a permanent solution can be found?
- A. Limit access to allowed MAC addresses
- B. Shorten the DHCP lease time
- C. Increase the size of the DHCP pool
- D. Change the password immediately
Answer: D
NEW QUESTION # 64
Which of the following is a reliable way to test backed up data?
- A. Verify the file size of the backup
- B. Compare data hashes of backed up data to original systems
- C. Confirm the backup service is running at the proper time
- D. Restore the data to a system
Answer: D
The GCCC certification is a valuable credential that demonstrates a candidate's expertise in critical control implementation and management. The GIAC Critical Controls Certification (GCCC) provides candidates with an in-depth understanding of cybersecurity threats and how to mitigate them. It also demonstrates that candidates have the necessary skills and knowledge to implement and manage critical security controls in an organization. The certification is recognized globally and is highly valued by employers.